MIFARE DESFire EV2 Smart Card IC

MIFARE DESFire EV2 is Common Criteria EAL5+ security certified which is the same level of certification demanded for smart card ICs used in e-passports and banking cards. It also includes proximity control to mitigate Man-in-the-Middle attacks and a Transaction Timer function to help counteract replay attacks.

It is the ideal contactless IC for public transport tickets, loyalty cards and access control systems.

1. Faster Transactions

The MIFARE DESFire EV2 IC is designed to offer a balance of speed, performance and cost efficiency. Its open concept allows for seamless future integration of other ticketing media such as smart paper tickets, key fobs and mobile ticketing based on Near Field Communication (NFC) technology. Data transfer rates reach up to 848 Kbit/s.

Compared to previous generations, command execution times begin milliseconds faster improving transaction speeds. Its patented API Command Queue further improves transaction time by enabling multiple APDU commands to be sent in one packet increasing system throughput.

MIFARE DESFire EV2 offers a number of security provisions including the 3DES hardware cryptographic engine and AES-128 encryption for data transactions. In addition, the IC is Common Criteria EAL5+ certified which is the same level of security demanded in the demand for smart card IC products used, for example, in banking cards or electronic passports.

To help mitigate man-in-the-middle attacks, the IC also features a Transaction Timer feature that enables system providers to configure a minimum time per transaction to protect against attackers trying to capture and replay the NFC interaction. The MIsmartApp feature of mifare desfire ev2 further expands the possibilities for end users to use their product-based credentials for more applications, such as closed loop payments at vending machines, access control management or loyalty programs. A MIFARE DESFire EV2 product-based card can hold as many applications as its memory capacity supports and new applications can be loaded after the product is in use. A purse can even be shared between different applications for greater interoperability.

2. Enhanced Security

Many physical access control applications require a higher level of security. This is true for universities, theme parks, festivals and cashless campus solutions. Often existing card systems need to be upgraded to a higher mifare desfire ev2 security platform without having to replace the entire card infrastructure.

The NXP DESFire family of chips provides the ideal solution to meet these requirements, offering high security, scalability and interoperability. DESFire EV2 is the latest chip to join this product line and delivers a balanced combination of speed, performance and cost efficiency.

Featuring a secure key management system and a built-in backup management system, the MIFARE DESFire EV2 is highly protected against attacks. The chip offers mutual three-pass authentication and a hardware cryptographic engine for enhanced security. It also offers a dynamic security configuration, enabling different data sets to be stored and used at the same time, providing a higher level of protection against spoofing or cloning.

In addition, the DESFire EV2 has the ability to map selected application data to a Classic 1K memory layout, providing a migratory path for users who need to move to a higher level of security but are using applications that can be supported mifare desfire ev2 with Classic. This feature is also available on other NXP DESFire products such as the DNA-type chips NTAG 424 and NTAG 523. This enables the chip to generate a new set of credentials each time it is read, which effectively protects the contents of the card from being copied or hacked.

3. Interoperability

MIFARE DESFire EV2 is a contactless IC designed for applications that demand the highest levels of security. This chip offers a perfect balance of speed, performance and cost efficiency for use in access control, public transportation ticketing and loyalty cards.

Its open concept also allows for future seamless integration of other media such as smart paper tickets, key fobs and mobile ticketing based on Near Field Communication (NFC) technology. Moreover, data transfer rates up to 848 Kbit/s can be achieved, resulting in fast and smooth processing of transaction requests.

The mifare desfire ev2 is backwards compatible with the older mifare DESFire EV1 version and can be used in existing systems without any change. However, the newer mifare DESFire v3 is more advanced in terms of its functionality and offers even better protection against attacks. This newest version can handle up to 1 million read/write cycles and has a built-in Transaction Timer to mitigate man-in-the-middle attacks.

The mifare v3 is also more secure against cloning, thanks to its SUN message function that generates a different string each time the tag is read. This way, the chip is able to verify that it is talking to the correct reader and not some malicious one. This is an extremely important feature in NFC credentials, especially those for access control and other high-security applications.

4. Flexibility

DESFire EV2 offers a higher level of security compared to the older EV1 chip. This is due to the fact that the EV2 card has a transaction timer built in that prevents Man-in-the-Middle attacks by setting a maximum time for each transaction on the chip. This is a feature that was added as an upgrade for many institutions. However, this feature is only useful if the system and readers support it. If the institution has not yet upgraded their software to the new EV2 functionality, then it may be more cost effective to continue to use EV1 cards until they do.

Using an on-chip backup management system and mutual three pass authentication, a DESFire EV2 card can hold an unlimited number of different applications, limited only by its memory size. Additionally, after a card has been deployed into the market, new applications can be loaded into it remotely. This increased flexibility allows for greater interoperability between systems.

DESFire has been designed with the needs of system operators and solution providers in mind, as it provides a scalable contactless platform for a variety of multi-applications such as access control, identity, loyalty and closed-loop micropayments. It is also fully compatible with NFC Forum Type 4 Tags and is Common Criteria EAL5+ security certified, making it a safe choice for your institution’s RFID system.